Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

• The U.S. Chemical
Safety Board and the Occupational Safety and Health Administration are
investigating a methyl mercaptan leak at a DuPont and Co. plant in LaPorte,
Texas, that killed four workers and injured one November 15. – Reuters

3. November 16, Reuters – (Texas) Federal
agencies to begin probe of DuPont Texas plant deaths. The U.S. Chemical
Safety Board and the Occupational Safety and Health Administration are
investigating following a methyl mercaptan leak at a DuPont and Co. plant in
LaPorte, Texas, November 15 that killed four workers. A fifth employee was
transported to an area hospital with injuries. Source: http://www.reuters.com/article/2014/11/17/us-usa-chemicals-death-idUSKCN0J00XA20141117

• A boil water
advisory was issued for customers in Sussex Borough November 16 until November
21 following the restoration of water service after a November 13 water main
break during construction work on Route 23 in which over 1 million gallons of
water was lost. – New Jersey Herald

19. November
16, New Jersey Herald – (New Jersey) Customers in Sussex advised
to continue boiling water. A boil water advisory was issued for customers
in Sussex Borough November 16 until November 21 following the restoration of
water service after a November 13 water main break during construction work on
Route 23. The water system lost over 1 million gallons of water due to the
break and crews continue work to bring the borough’s upper water tank to full
capacity. Source: http://www.njherald.com/story/27399965/customers-in-sussex-advised-to-continue-boiling-water

• The Dickson County
Sheriff’s Office in Tennessee’s computer system was compromised by the
CryptoWall ransomware in October after an employee clicked on a malicious
advertisement that forced staff into paying $500 in digital currency in order
to retrieve 72,000 files.– Softpedia

26. November 14, Softpedia – (Tennessee) Sheriff’s
office pays ransom to unlock files encrypted by CryptoWall. The sheriff’s
office in Dickson County, Tennessee, reported that its computer system was the
victim of the CryptoWall ransomware in October after an employee clicked on a
malicious advertisement placed on the Web site of a local radio station. The sheriff’s
office was forced to pay about $500 in digital currency in order to retrieve
72,000 files that were encrypted by the ransom-demanding malware. Source: http://news.softpedia.com/news/Sheriff-s-Office-Pays-Ransom-to-Unlock-Files-Encrypted-by-CryptoWall-464962.shtml

• Eight people were
injured and 40 Ohio University students in Athens, Ohio, were displaced after a
major fire damaged 6 buildings that included university housing and shut off
power to the affected area for several hours November 16. – Athens News

40. November 16, Athens News – (Ohio) Blaze
heavily damages block of uptown buildings. Authorities are investigating
the cause of a November 16 fire that damaged 6 businesses in Athens, Ohio, and
injured 8 individuals, including 3 firefighters and 1 police officer. At least
40 students were displaced from apartment units located above the affected
businesses, and a subsequent power outage affected the area for several hours.
Source: http://www.athensnews.com/ohio/article-43673-blaze-heavily-damages-block-of-uptown-buildings.html

Financial Services Sector

6. November
14, Baltimore Sun – (New York; Maryland) Former owner of Empire
Towers indicted in $7million fraud. The U.S. Securities and Exchange
Commission filed a complaint November 14 against a Hampton Bays, New York man
who owned the Empire Towers building in Glen Burnie, Maryland, for allegedly
raising over $7 million from investors by selling fraudulent, unregistered
bonds. The SEC also charged the man’s investment advisor for allegedly
participating in the scheme. Source: http://www.baltimoresun.com/news/maryland/anne-arundel/bs-md-aa-empire-towers-owner-indicted-20141114-story.html

For another story, see item 32 below
in the Information Technology Sector

28. November
17, Softpedia – (International) Steam password stealer is stored on Google Drive.
A researcher with Panda Security analyzed and reported a piece of malware
designed to steal passwords for the Steam gaming service that is being
delivered from a Google Drive account. The account was still active when the
researcher reported the malware November 16 and targets victims via a
fraudulent link in Steam chat that downloads an executable file. Source: http://news.softpedia.com/news/Steam-Password-Stealer-Is-Stored-On-Google-Drive-465107.shtml

29. November
17, The Register – (International) WinShock PoC clocked: But DON’T PANIC… It’s
no Heartbleed. Researchers released a proof-of-concept (PoC) exploit for a
SChannel crypto library flaw that was patched the week of November 10 in a Microsoft
patch release. The flaw can still be exploited in unpatched Windows Server
2012, 2008 R2, and 2003 installations to run arbitrary code. Source: http://www.theregister.co.uk/2014/11/17/ms_schannel_crypto_poc/

30. November
17, The Register – (International) Attack reveals 81 percent of Tor users but
admins call for calm. A paper released by researchers at the Indraprastha
Institute of Information Technology outlined a traffic confirmation attack
method that the researchers stated could be used to identify users of the Tor
anonymity network in 81 percent of cases if an attacker has sufficient
resources. Source: http://www.theregister.co.uk/2014/11/17/deanonymization_techniques_for_tor_and_bitcoin/

31. November
17, Securityweek – (International) Alleged creators of WireLurker malware
arrested in China. Authorities in China arrested three individuals for
allegedly creating and distributing the WireLurker malware targeting Mac OS X,
iOS, and Windows devices and shut down the Web site used to distribute the
malware. Source: http://www.securityweek.com/alleged-creators-wirelurker-malware-arrested-china

32. November
17, Securityweek – (International) Majority of top 100 paid iOS, Android apps
have hacked versions: Report. Arxan Technologies released their annual
State of Mobile App Security report which found that there were cloned or
repackaged versions of 97 percent of the top 100 paid Android apps and 87
percent for top 100 paid iOS apps, and that repackaged or cloned financial
services apps existed for 95 percent of apps on Android and 70 percent in iOS,
among other findings. Source: http://www.securityweek.com/majority-top-100-paid-ios-android-apps-have-hacked-versions-report

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"